[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Hello, about Best Hardware...
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Hello, about Best Hardware...
- From: "Gregory Maxwell" <gmaxwell@xxxxxxxxx>
- Date: Sun, 16 Dec 2007 18:41:12 -0500
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sun, 16 Dec 2007 18:41:22 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=tl+L4UrwZLLo+MaRmbuH3xfkjoKm4GUlHb3svIJ2R/E=; b=OsQHa0z9H2flBaInC//G4CqyQdaS0MoGIZW94gYhcemRBkgXWXgaB89AMq12dIiQjD3lyjog9dW8p2YIgwEfTRWZZ9RxjZplDEYjBhUPQNnYfd8P3y3ZojNFQLWiVXsVoBVZDxLQlZE7kI+p+gloF6H1hiSFSkeU1hnH/U0Jc8A=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=ED4oOb7McY+jdQeOak38kcJDCjodzAFgmkKZqhSir+V0A5qGPYi9T4lQLCJny7zzgrYUfZ5RxzKQFBbgy0ZlfrdEIynBeya8h90nao0wGuh59tdKB/wYNI+o2llG0M1xJ6O7ioOSuL80CFYcXnwIow1KmlKkLOUrATfibNKnchs=
- In-reply-to: <4765AE3C.50704@xxxxxxxxx>
- References: <524173.15532.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <4765AE3C.50704@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Dec 16, 2007 6:01 PM, F. Fox <kitsune.or@xxxxxxxxx> wrote:
> I think running *any* system in this modern age without some kind of
> firewall protection - even if it's just software on the end box itself -
> is an invitation to disaster; doing it with a server is suicide. =:oD
This is WindowsPC thinking.
If on your server you perform a netstat -L and see that only TOR and
SSH are listening, and your 'firewall' would have let those things
through anyways, then a 'firewall' is providing no additional
security, only some increased robustness against future
misconfiguration.
Can firewalling be useful even in this situation, yes, but to call it
"suicide" is non-sense.